Latest vulnerabilities of Saturday, November 4, 2023

Latest vulnerabilities of Saturday, November 4, 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Last update performed on 11/04/2023 at 11:57:02 PM

(0) CRITICAL VULNERABILITIES [9.0, 10.0]

(0) HIGH VULNERABILITIES [7.0, 8.9]

(0) MEDIUM VULNERABILITIES [4.0, 6.9]

(0) LOW VULNERABILITIES [0.1, 3.9]

(4) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : patchstack.com

Vulnerability ID : CVE-2023-32741

First published on : 04-11-2023 00:15:08
Last modified on : 04-11-2023 00:15:08

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2.

CVE ID : CVE-2023-32741
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-35910

First published on : 04-11-2023 00:15:08
Last modified on : 04-11-2023 00:15:08

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nucleus_genius Quasar form free โ€“ Contact Form Builder for WordPress allows SQL Injection.This issue affects Quasar form free โ€“ Contact Form Builder for WordPress: from n/a through 6.0.

CVE ID : CVE-2023-35910
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/quasar-form/wordpress-quasar-form-plugin-6-0-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-38391

First published on : 04-11-2023 00:15:08
Last modified on : 04-11-2023 00:15:08

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themesgrove Onepage Builder allows SQL Injection.This issue affects Onepage Builder: from n/a through 2.4.1.

CVE ID : CVE-2023-38391
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/tx-onepager/wordpress-onepage-builder-easiest-landing-page-builder-for-wordpress-plugin-2-4-1-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-40215

First published on : 04-11-2023 00:15:08
Last modified on : 04-11-2023 00:15:08

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Demonisblack demon image annotation allows SQL Injection.This issue affects demon image annotation: from n/a through 5.1.

CVE ID : CVE-2023-40215
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/demon-image-annotation/wordpress-demon-image-annotation-plugin-5-1-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.